Account hijackers rife, warns Google

Ken Kola, 20th February 2013

Google is warning of a big increase in the number of email accounts being hijacked - but says that things would be more than 100 times worse if it weren't for the company's efforts.

Most of the activity comes from criminals hoping to scam their victim's friends, for example by sending an email claiming that the user's stranded abroad and needs financial help.

Others are hoping to bypass spam filters by using an email address that appears to be a trustworthy source — sending messages such as 'check out this link, it's hilarious!'.

"Although spam filters have become very powerful — in Gmail, less than one percent of spam emails make it into an inbox — these unwanted messages are much more likely to make it through if they come from someone you’ve been in contact with before," says Mike Hearn, Google security engineer, in a company blog.

"As a result, in 2010 spammers started changing their tactics — and we saw a large increase in fraudulent mail sent from Google Accounts."

Indeed, he says, the company's seen a single attacker using stolen passwords to attempt to break into a million different Google accounts every day, for weeks at a time. A different gang attempted sign-ins at a rate of more than 100 accounts per second.

However, says the company proudly, it has managed to cut the number of compromised accounts by 99.7 percent since a peak in 2011, using a system that examines more than 120 variables to verify the user's identity at sign-in.

"If a sign-in is deemed suspicious or risky for some reason — maybe it’s coming from a country oceans away from your last sign-in — we ask some simple questions about your account," says Hearn. "For example, we may ask for the phone number associated with your account, or for the answer to your security question."
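The kind of check Hearn describes can be sketched as a small risk scorer that looks at a handful of sign-in signals and decides whether to allow, step up (ask the account questions), or block. The code below is an added illustration written for this article, not Google's system; the signals, weights, thresholds, IP addresses and sample sign-in records are all constructed for the example.

```python
# Risk-based sign-in scoring (added illustration; not Google's system).
# Weights, thresholds and the sample events are constructed for the example.
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta
from math import asin, cos, radians, sin, sqrt


@dataclass
class SignIn:
    account: str
    ip: str
    country: str
    lat: float
    lon: float
    device_id: str
    when: datetime


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points, in kilometres."""
    p1, p2 = radians(lat1), radians(lat2)
    dphi, dlam = radians(lat2 - lat1), radians(lon2 - lon1)
    a = sin(dphi / 2) ** 2 + cos(p1) * cos(p2) * sin(dlam / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))


def distinct_accounts_per_ip(attempts, now, window=timedelta(seconds=60)):
    """Count how many different accounts each IP tried in the window ending at `now`."""
    seen = defaultdict(set)
    for a in attempts:
        if now - window <= a.when <= now:
            seen[a.ip].add(a.account)
    return {ip: len(accts) for ip, accts in seen.items()}


MAX_PLAUSIBLE_KMH = 900        # faster than an airliner: "impossible travel"
STUFFING_ACCOUNTS_PER_IP = 50  # distinct accounts from one IP within the window


def score_signin(event, history, ip_counts):
    """Return (score, reasons). `history` holds prior successful sign-ins for the account."""
    score, reasons = 0, []
    known_devices = {h.device_id for h in history}
    if history:
        last = history[-1]
        if event.country != last.country:          # "a country oceans away"
            score += 30; reasons.append("new_country")
        hours = max((event.when - last.when).total_seconds() / 3600, 1 / 60)
        km = haversine_km(last.lat, last.lon, event.lat, event.lon)
        if km / hours > MAX_PLAUSIBLE_KMH:
            score += 40; reasons.append("impossible_travel")
    if event.device_id not in known_devices:
        score += 15; reasons.append("unknown_device")
    if ip_counts.get(event.ip, 0) > STUFFING_ACCOUNTS_PER_IP:  # bulk password guessing
        score += 75; reasons.append("high_volume_ip")
    return score, reasons


def decide(score):
    if score >= 90:
        return "block"
    if score >= 40:
        return "challenge"  # step-up: phone number, security question, 2-step code
    return "allow"


def sample_scenarios():
    """Run three constructed scenarios and return the decision and reasons for each."""
    t0 = datetime(2013, 2, 20, 8, 0, 0)
    london = dict(country="GB", lat=51.5074, lon=-0.1278)
    lagos = dict(country="NG", lat=6.5244, lon=3.3792)
    history = [SignIn("alice", "203.0.113.5", device_id="laptop", when=t0, **london)]
    # 1. same device, same city, an hour later
    routine = SignIn("alice", "203.0.113.9", device_id="laptop",
                     when=t0 + timedelta(hours=1), **london)
    # 2. unknown device about 5000 km away only two hours after the last sign-in
    travel = SignIn("alice", "198.51.100.7", device_id="unknown-phone",
                    when=t0 + timedelta(hours=2), **lagos)
    # 3. one IP tries 120 different accounts within a minute, then tries "bob"
    t1 = datetime(2013, 2, 20, 10, 0, 0)
    attempts = [SignIn(f"user{i:03d}", "192.0.2.44", device_id="bot",
                       when=t1 + timedelta(seconds=i % 60), **lagos) for i in range(120)]
    bob = SignIn("bob", "192.0.2.44", device_id="bot", when=t1 + timedelta(seconds=60), **lagos)
    results = {}
    for name, ev, hist, pool in [("routine", routine, history, []),
                                 ("travel", travel, history, []),
                                 ("stuffing", bob, [], attempts)]:
        counts = distinct_accounts_per_ip(pool, ev.when)
        score, reasons = score_signin(ev, hist, counts)
        results[name] = (decide(score), reasons)
    return results


if __name__ == "__main__":
    for name, (verdict, why) in sample_scenarios().items():
        print(f"{name:9s} -> {verdict:9s} {why}")
```

The scorer deliberately keeps each signal cheap and explainable: the "reasons" list is what an analyst would want in the audit log when a user asks why they were challenged, and a step-up question is preferred over an outright block unless the volume signal suggests bulk password guessing rather than a single mistaken user.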

And users must do their bit, it says, by picking a strong password and upgrading their account to two-step verification.